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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on January 
9, 2008 has been entered. 

Response to Arguments 

2. Applicant's has failed to file a terminal disclaimer in regards to the obvious-type 
double patenting. The rejection is hereby maintained by the examiner. 

3. Applicant's arguments filed have been fully considered but they are not 
persuasive. 

It is argued by the applicant that the teachings of Priem fail to disclose of 
"verifying a binding between contents of the system program and the computing 
device". 

The examiner disagrees with the applicant's assertion. The applicant's claim 
language fails to distinguish from the prior art teachings of Priem. The applicant's 
assertion of "the software is not bound to the computing system, rather an identifier for 
the software is bound to the computing system" is incorrect in view of the teachings of 
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Priem. The disclosure of Priem associates a password with the authorized software 
program, not an identifier as alleged by the applicant. In regards to the teachings of 
Priem, a unique identifier is associated with each workstation and a password is 
prepared for each copy of the authorized software and this computing identifier and 
password value is bound with one another, see column 1 , lines 31-39. It is interpreted 
by the examiner that the contents of the authorized software program is viewed as a 
whole software package since it is the authorized software application that is checked to 
see if it is authorized for use on that particular workstation. 

In light of the limitations of the "verifying the contents of the system program is 
bound to the computing system", then how specifically is that done? The applicant's 
claims fall short in distinguishing this feature from the prior art teachings of Priem. The 
currently claimed recitations of the verification between the binding of the system 
program contents and the computing device is vague. The examiner believes if the 
claims were amended to specifically identify how the step of " verifying a binding 
between contents of the system program and the computing device" was claimed, it 
would then overcome the prior art teachings. 

Double Patenting 

4. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
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F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 
USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) or 1 .321 (d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

1 . Claims 1-24 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over claims 1-21 of 
copending Application No. 10/618,859. Although the conflicting claims are not identical, 
they are not patentably distinct from each other because claims 1-24 of the instant 
application are anticipated by co-pending claims 1-21 in that claims 1-21 of the co- 
pending application contains all the limitations of claims 1-24 of the instant application. 
Claims 1-24 of the instant application therefore are not patentably distinct from the co- 
pending claims, and as such, are unpatentable for obvious-type double patenting. 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1,11,23, and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Martinek et al, U.S. Patent 7,043,641 in view of Priem et al, U.S. 
Patent 5,652,793. 

As per claim 1 , it is taught by Martinek et al of a computing device comprising a 
processing system, a memory coupled to the processing system, a system program 
stored in the memory, and a secure checking program for repeatedly authenticating the 
system program during operation of the computing device to ensure that the system 
program is not modified during execution (col. 4, lines 15-19; col. 5, lines 36-47; col. 8, 
lines 22-23; and col. 9, lines 1 0-24). The teachings of Martinek et al fail to disclose of 
verifying a binding between contents of the system program and the computing device. 
It is taught by Priem et al of verifying a binding between contents of the system program 
and the computing device (col. 1 , lines 32-39). It is obvious to a person of ordinary skill 
in the art, at the time of the invention, to have included the aspect of validating software 
by determining if it is allowed to be executed on a particular computer system. The 
teachings of Priem et al recite of motivational benefits for validating software prior to 
usage by disclosing of shortcomings in the prior art that exist wherein illegal usage 
exists wherein copied programs execute on computer systems and a binding between 
the software and a particular computer is checked to see if the software is entitled to run 
on the machine to which it is assigned for usage (col. 1 , lines 32-46). It is obvious to a 
person of ordinary skill that the teachings of Martinek et al would have been made more 
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secure by determining if installed software is authorized to run on a particular computer 
as is taught by Priem et al. 

As per claim 1 1 , Martinek et al teaches of a method of controlling the operation of 
a computing device comprising the steps of comparing a current state of a system 
program executed by the computing device with a known secure state of the system 
program and repeating the comparing step during operation of the computing device to 
determine if any variation of the system program form the known secure state (col. 5, 
lines 36-47 and col. 9, lines 10-24). The teachings of Martinek et al fail to disclose of 
verifying a binding between contents of the system program and the computing device. 
It is taught by Priem et al of verifying a binding between contents of the system program 
and the computing device (col. 1 , lines 32-39). It is obvious to a person of ordinary skill 
in the art, at the time of the invention, to have included the aspect of validating software 
by determining if it is allowed to be executed on a particular computer system. The 
teachings of Priem et al recite of motivational benefits for validating software prior to 
usage by disclosing of shortcomings in the prior art that exist wherein illegal usage 
exists wherein copied programs execute on computer systems and a binding between 
the software and a particular computer is checked to see if the software is entitled to run 
on the machine to which it is assigned for usage (col. 1 , lines 32-46). It is obvious to a 
person of ordinary skill that the teachings of Martinek et al would have been made more 
secure by determining if installed software is authorized to run on a particular computer 
as is taught by Priem et al. 
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As per claim 23, Martinek et al teaches wherein the repeating step comprises the 
step of repeating the comparing step during periods of inactivity in the computing device 
(col. 9, lines 10-24). 

As per claim 24, Martinek et al discloses wherein the repeating step comprises 
the step of repeating the comparing step when initiated by a software application (col. 9, 
lines 10-24). 

7. Claims 2-1 0 and 1 2-22 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Martinek et al, U.S. Patent 7,043,641 in view of Priem et al, U.S. 
Patent 5,652,793, in further view of Housley et al (RFC 2459). 

As per claim 2, it is disclosed by Martinek et al of certifying the system program, 
wherein the information defining a secure state of the system program (col. 5, lines 6- 
1 6), however the combined teachings of Martinek et al and Priem et al fail to disclose of 
the use of digital certificates. It is taught by Housley et al of the use of digital certificates 
used for validating information contained within it (page 8, section 3.1). It would have 
been obvious to a person of ordinary skill in the art at the time of the invention to have 
been motivated to apply the use of digital certificates to certify certain content. 
Motivation is used by Housley et al in that it is suggested that authentication and 
authorization information is provided in order to certify the content associated with it 
(page 6, section 2.2). The teachings of Martinek et al are suggestive to the use of 
certificates since it is disclosed that content is certified and the teachings of Housley et 
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al provide further support for the use of digital certificates to certify the content 
associated with it. 

As per claim 3, Martinek et al teaches wherein the information includes a hash of 
the system program (col. 9, lines 10-24). 

As per claim 4, Martinek et al discloses wherein the hash is asymmetrically 
encrypted using a private key to produce a signature associated with the system 
program (col. 5, lines 48-56 and col. 6, lines 38-63). 

As per claim 5, it is taught by Martinek et al wherein the information includes a 
public key associated with the private key (col. 6, lines 38-63). 

As per claims 6,19, and 20, it is disclosed by Martinek et al wherein the secure 
checking program authenticates the system/firmware program by decrypting the 
signature using the public key to produce a decrypted signature and comparing a hash 
of the current state of the system/firmware program with the decrypted signature (col. 5, 
lines 48-56; col. 6, lines 38-63; and col. 9, lines 10-24). 

As per claim 7, Martinek et al teaches wherein the information is asymmetrically 
encrypted using a private key belonging to a manufacturer of the computing device (col. 
6, lines 38-63). 

As per claim 8, Martinek et al discloses wherein the information includes a die 
identification number uniquely associated with the computing device (col. 5, lines 36- 
47). 

As per claims 9 and 21 , it is taught by Martinek et al wherein the secure checking 
program compares the die identification number stored with a die identification number 
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stored in the computing device (col. 5, lines 36-47). The teachings of Housley et al are 
relied upon for the use of digital certificates, please refer above for the motivation of 
applying the teachings of Housley et al to the disclosure of Martinek et al. 

As per claims 10 and 22, it is disclosed by Martinek et al wherein the secure 
checking program can disable functions of the computing device if a modification of the 
system program is detected (col. 9, lines 10-24). 

As per claim 12, Martinek et al discloses wherein the comparing step comprises 
the step of comparing information associated with the system program to the current 
state to determine if a modification of the system program has occurred (col. 9, lines 10- 
24). The teachings of Housley et al are relied upon for the use of digital certificates, 
please refer above for the motivation of applying the teachings of Housley et al to the 
disclosure of Martinek et al. 

As per claim 13, it is taught by Martinek et al wherein the comparing step further 
comprises the step of authenticating a firmware, wherein the firmware contains an 
encrypted hash (col. 6, lines 38-63 and col. 9, lines 10-24). The teachings of Housley et 
al are relied upon for the use of digital certificates, please refer above for the motivation 
of applying the teachings of Housley et al to the disclosure of Martinek et al. Housley et 
al further discloses of certificate fields which comprises specific information associated 
with the subject (page 14, section 4.1 ). 

As per claim 14, it is disclosed by Martinek et al wherein the authenticating step 
comprises the step of asymmetrically decrypting the hash using a public key to produce 
a signature (col. 5, lines 48-56; col. 6, lines 38-63; and col. 9, lines 10-24). The 
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teachings of Housley et al are relied upon for the use of digital certificates, please refer 
above for the motivation of applying the teachings of Housley et al to the disclosure of 
Martinek et al. 

As per claim 15, Housley et al teaches wherein the public key is stored in the 
digital certificate (page 14, section 4.1). The teachings of Housley et al are relied upon 
for the use of digital certificates, please refer above for the motivation of applying the 
teachings of Housley et al to the disclosure of Martinek et al. 

As per claim 16, Martinek et al discloses wherein the authenticating step 
comprises the step of comparing a hash of a current state of the system program with 
the signature (col. 9, lines 10-24). 

As per claim 17, it is taught by Martinek et al wherein the comparing step 
comprises the step of authenticating an originator's public key, where the originator's 
public key is associated with a firmware originator (col. 6, lines 38-63). The teachings of 
Housley et al are relied upon for the use of digital certificates, please refer above for the 
motivation of applying the teachings of Housley et al to the disclosure of Martinek et al. 

As per claim 18, it is disclosed by Martinek et al wherein the authenticating step 
comprises the step of decrypting the signature associate with originator's public key with 
reference to a manufacturer's public key, where the manufacturer's public key is 
associated with a manufacturer of the computing device, to produce a decrypted 
signature, generating a hash of the originator's public key, and comparing the decrypted 
signature with the hash (col. 5, lines 48-56; col. 6, lines 38-63; and col. 9, lines 10-24). 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher A. Revak whose telephone number is 571 - 
272-3794. The examiner can normally be reached on Monday-Friday, 9:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Christopher A. Revak/ 
Primary Examiner, Art Unit 2131 



